CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Canon 1Oce Colorwave 500 Firmware Jun 17, 2026 Mar 19, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. An unauthenticated attacker able to connect to the device's web interface can get a...Show more |
1Canon 1Oce Colorwave 500 Firmware Jun 17, 2026 Mar 19, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missing any form of CSRF protections. This is a system-wide issue. An attacker could perform administrative actions by targeting a logged-in administrative...Show more |
1Canon 1Oce Colorwave 500 Firmware Jun 17, 2026 Mar 19, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in the parameter settingId of the settingDialogContent.jsp page. NOTE: this is fixed in the latest version. |
1Canon 1Oce Colorwave 500 Firmware Jun 17, 2026 Mar 19, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in /home.jsp. The vulnerable parameter is openSI. NOTE: this is fixed in the latest version. |
1Canon 1Oce Colorwave 500 Firmware Jun 17, 2026 Mar 19, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Stored XSS in /TemplateManager/indexExternalLocation.jsp. The vulnerable parameter is map(template_name). NOTE: this is fixed in...Show more |